The Department of Homeland Security (DHS) is making fighting ransomware a top priority, but law enforcement can struggle to get a handle on the scope of the problem – let alone chase down perpetrators – if businesses suffer these attacks in silence.
Many ransomware victims never report the incidents, said Eric Goldstein, executive assistant director of the Cybersecurity and Infrastructure Security Agency’s (CISA) cybersecurity division, during a recent US Chamber of Commerce virtual panel.
“It is extremely hard for us — even as a national cybersecurity community or a national business community – to understand the breadth of the problem, because we know that many organizations are experiencing these attacks and either paying, or not paying and simply suffering through it, and aren’t engaging law enforcement, aren’t engaging CISA for help with remediation,” Goldstein said.
But lack of reporting doesn’t mean lack of incidents, and what information is available indicates that small businesses are an exceptionally popular target, said DHS Secretary Alejandro Mayorkas, who has made tackling…
